<?php
/**
 * GioCMS
 * 
 * LICENSE
 *
 * This source file is subject to the GNU GENERAL PUBLIC LICENSE Version 2 
 * that is bundled with this package in the file LICENSE.txt.
 * It is also available through the world-wide-web at this URL:
 * http://www.gnu.org/licenses/gpl-2.0.txt
 * If you did not receive a copy of the license and are unable to
 * obtain it through the world-wide-web, please send an email
 * to license@ninhgio.com so we can send you a copy immediately.
 * 
 * @copyright	Copyright (c) 2010-2011 GioCMS (http://cms.ninhgio.com)
 * @license		http://www.gnu.org/licenses/gpl-2.0.txt GNU GENERAL PUBLIC LICENSE Version 2
 * @author		NinhGio - ninhgio@gmail.com
 * @since		1.0
 */

class Gio_Core_Acl
{
	/**
	 * @param Gio_Core_Acl
	 */
	private static $_instance = null;
	private $_rules = null;
	private $_user = null;
	
	/**
	 * @return Gio_Core_Acl
	 */
	public static function getIntance()
	{
		if (null == self::$_instance) {
			self::$_instance = new self();
		}
		return self::$_instance;
	}
	
	public function __construct()
	{
		$this->_rules = Modules_Core_Services_Rule::getAclRules();
		
		$request = Gio_Core_Request::getInstance();
		$phpSessionId   = $request->getPost('PHPSESSID');
		$session = Gio_Core_Session::getSessionById($phpSessionId);
		
		$json = new Services_JSON();
		$user = (null == $session || null == $session['data']) 
										? null : $json->decode($session['data']);
		$this->_user = $user;
	}
	
	/**
	 * @return Gio_Core_Acl
	 */
	public function setUser($user)
	{
		$this->_user = $user;
		return $this;
	}
	
	public function isAllowed($actionId, $controllerId = null, $moduleId = null)
	{
		if (null == $this->_user) {
			return null;
		}
		
		$request = Gio_Core_Request::getInstance();
		$moduleId = (null == $moduleId) ? $request->getParam('module') : $moduleId;
		$controllerId = (null == $controllerId) ? $request->getParam('controller') : $controllerId;

		$action = Modules_Core_Services_Action::getByMCA($moduleId, $controllerId, $actionId);
		if (null == $action) {
			return true;
		}
		
		if ($this->_rules) {
			$roleId = isset($this->_user->role_id) ? $this->_user->role_id : null;
			$roleName = 'role_' . $roleId;
			$userId = isset($this->_user->user_id) ? $this->_user->user_id : null;
			$userRoleName = 'user_' . $userId;
			$moduleController = $moduleId . ':' . $controllerId;
			
			$pattern = array(
							'role_name'			=> $roleName,
							'allow'				=> 0,
							'module_controller'	=> $moduleController,
							'action_id'			=> $actionId
						);
			$userPattern = array(
							'role_name'			=> $userRoleName,
							'allow'				=> 0,
							'module_controller'	=> $moduleController,
							'action_id'			=> $actionId
						);
			if (in_array($pattern, $this->_rules) || in_array($userPattern, $this->_rules)) {
				return false;
			} else {
				$pattern['allow'] = 1;
				$userPattern['allow'] = 1;
				if (in_array($pattern, $this->_rules) || in_array($userPattern, $this->_rules)) {
					return true;
				} else {
					$pattern['module_controller'] = null;
					$pattern['action_id'] = null;
					$userPattern['module_controller'] = null;
					$userPattern['action_id'] = null;
					if (in_array($pattern, $this->_rules) || in_array($userPattern, $this->_rules)) {
						return true;
					}
				}
			}
		}
		return false;
	}
}